It is important that you read this Policy together with any other applicable notices we may provide on specific occasions when we are collecting, using, disclosing and/or processing Personal Data about you and your End Users, so that you are fully aware of how and why are we using Personal Data of you and your End Users.
Capitalised terms not defined below have the meanings ascribed to them in MACROKIOSK’s Terms of Services.
“Applicable Data Protection Laws” refers to all laws and regulations applicable to MACROKIOSK’s processing of personal data under the Agreement including without limitation, the Malaysian Personal Data Protection Act 2010.
“Personal Data” means any information about an individual, whether recorded in a material form or not and whether true or not, who can be identified from that data (whether directly or indirectly), or from that data and other data to which we have or are likely to have access.
MACROKIOSK processes two broad categories of Personal Data when you use our Services:
- “Customer Account Data” which comprises your Personal Data as a customer of our Services including the names and/or contact information of individuals authorised by you to access your account and billing information. Customer Account Data also includes any data we may need to collect for the purpose of identity verification, or as part of our legal obligation to retain subscriber records.
- Information in relation to your End Users which includes Customer Usage Data and Customer Content. “Customer Usage Data” refers to data processed by MACROKIOSK for the purposes of transmitting or exchanging Customer Content, including data used to identify the source and destination of a communication such as (a) individual data subjects’ telephone numbers, data on the location of the device generated in the context of providing our Services, and the date, time, duration and type of communication and (b) activity logs used to identify the source of Service requests, optimise and maintain performance of the Services, and investigate and prevent system abuse.
- “Customer Content” refers to (a) data exchanged by means of use of our Services, such as text, message bodies, message title, voice and video media, images, email subject, and sound, and (b) data stored on your behalf such as communication logs within the Services or marketing campaign data you have uploaded to our platforms.
MACROKIOSK processes these categories of personal information differently because the direct relationship we have with you, our customer, is different than the indirect relationship we have with your End Users.
We will only be able to collect certain categories of Personal Data if you voluntarily provide the Personal Data to us or as otherwise provided for under this Policy. If you choose not to provide the Personal Data to us, or subsequently withdraw your consent to our use of the Personal Data about you or your End Users, we may not be able to provide you with certain features or functionality on our Services.
COLLECTION OF PERSONAL DATA
CATEGORY 1: CUSTOMER’S ACCOUNT DATA
What Personal Data is Collected?
We collect and process your Personal Data:
- When you visit our website www.macrokiosk.com, sign up for an event or make a request to receive information about MACROKIOSK or our products like our newsletter;
- When you contact our sales team;
- When you create an Account with us and use our Services.
What Customer Account Data MACROKIOSK Processes When You Visit Our Website, Sign Up for MACROKIOSK Event, or Make a Request for Information about MACROKIOSK and Why
When you visit our website, sign up for a MACROKIOSK event or request more information about MACROKIOSK, we collect data automatically using tracking technologies, like cookies, and through web forms where you type in your information. The data we collect through cookies consists of data relating to your device, IP address and your usage of the websites. We collect this data to provide you with what you request through the web form, to learn more about who is interested in our Services, and to improve navigation experience on our pages.
What Customer Account Data MACROKIOSK Processes When You Contact Our Sales Team and Why
When you contact us, such as for business relations or interest, ordering Services or in relation to projects, media, investor contacts, supplier relations or sponsorships, we collect your Personal Data in order to enable us to meet your request or interest, provide support, or comply with contractual obligations or prepare to enter into a contract.
What Customer Account Data MACROKIOSK Processes When You Create An Account With Us and Use our Services and Why
When you create an Account with us, we ask certain information like your contact details and billing information so we can communicate with you and so you can pay for our Services. We also collect some data automatically, like your IP address, when you log into your account or when your software application built on MACROKIOSK makes requests to our APIs. We use this to understand who is using our Services and how, and to detect, prevent and investigate fraud, abuse, or security incidents.
CATEGORY 2: END USERS’ PERSONAL DATA
Your End Users’ Personal Data typically shows up on our platform in a few different ways:
CUSTOMER USAGE DATA
We collect Customer Usage Data when you send or receive communications through your use of our Services.
What Personal Data is Collected?
- Communications-related personal information about your end users, like your End Users’ phone numbers for number-based communications, your End Users’ email address for email communications, IP addresses for IP-based communications which show up in our systems when you use or intend to use this information to contact your end user through use of our Services.
What Customer Usage Data MACROKIOSK Processes and Why
We use Customer Usage Data to provide Services to you and to carry out necessary functions of our business as a communications service provider. We do not sell your End Users’ Personal Data and we do not share your End Users’ Personal Data with third parties for those third parties’ own business interests.
What Personal Data is Collected?
- Your End Users’ Personal Data may also be contained in the content of communications you (or your End Users) send or receive using MACROKIOSK’s Services.
What Customer Content MACROKIOSK Processes and Why
We use Customer Content to provide Services to you and to carry out necessary functions of our business as a communications service provider. We do not sell your End Users’ Personal Data and we do not share your End Users’ Personal Data with third parties for those third parties’ own business interests.
USE OF PERSONAL DATA
CUSTOMER ACCOUNT DATA
In respect of the Customer Account Data, MACROKIOSK acts as a data user.
We use Customer Account Data to further our legitimate interests to:
- Understand who our customers are, manage our relationship with you and other customers;
- Carry out core business operations such as accounting, filing taxes, and fulfilling regulatory obligations; and
- Help detect, prevent, or investigate security incidents, fraud and other abuse and/or misuse of our Services.
We will process Customer Account Data in accordance with Applicable Data Protection Law and consistent with Policy.
CUSTOMER USAGE DATA
When we process Customer Usage Data, we act as a processor in many respects, but we may act as a data user in others. For example, we may need to use certain Customer Usage Data for the legitimate interests of billing, reconciling invoices with the telecommunications carriers, and in the context of troubleshooting and detecting problems with the network. We will process Customer Usage Data in accordance with Applicable Data Protection Law and consistent with Policy.
When we process Customer Content, we generally act as a processor. You appoint MACROKIOSK as a processor to process Customer Content on your behalf in accordance with your instructions. You will ensure that your instructions comply with Applicable Data Protection Law. You acknowledge that we are not responsible for determining which laws are applicable to your business nor whether our provision of Services meets or will meet the requirements of such law. You will ensure that MACROKIOSK’s processing of Customer Content, when done in accordance with your instructions, will not cause MACROKIOSK to violate any applicable law, regulation, or rule, including Applicable Data Protection Law. We will inform you if we become aware or reasonably believe that your data processing instructions violate any applicable law, regulation, or rule, including Applicable Data Protection Law.
DISCLOSURE OF PERSONAL DATA
We do not share your Customer Account Data with third parties for their own marketing purpose unless you ask us to do this or give us consent to do this. Further, we do not sell your End Users’ Personal Data. We also do not share it with third parties for their own marketing or other purposes, unless you instruct us to do so.
Occasionally, we use external third-party service providers for delivering Services on our behalf and on our instructions as set out in a data processing agreement with the relevant service provider. We use such service providers for consultancy purposes, financial services, security services, IT services, communication services and integrity due diligence services. In such, we may share with you or your End Users’ data with such parties to the extent necessary to perform such work.
RETENTION OF PERSONAL DATA
MACROKIOSK will store your Customer Account Data as long as needed to provide you with our Services and to operate our business unless a longer retention period is required or allowed by law. Once your Customer Account Data is no longer necessary for our Services, or we no longer have a legal or business purpose for retaining your Customer Account Data, we take steps to erase, destroy, anonymise or prevent access or use of such Customer Account Data for any purpose other than compliance with this Policy, or for purposes of safety, security, fraud prevention and detection, in accordance with the requirements of Applicable Data Protection Laws.
Upon termination of the Agreement, we may retain Customer Usage Data for the purposes set out in Section 3(II) above, subject to confidentiality obligations set forth in the Agreement. We will delete Customer Usage Data when we no longer require it for the purposes set out in Section 3 above.
Prior to termination of the Agreement between you and MACROKIOSK, we will process stored Customer Content until you elect to delete such Customer Content via our Services. If there is any Customer Content that has to be returned to you, you shall notify us, and we will back up a copy of the Customer Content and return to you. If you are subject to General Data Protection Regulation (GDPR), we will also notify our external data processor to remove Customer Content.
TRANSFER OF PERSONAL DATA
When you use our portal, or our other Services, Personal Data of you and your End Users processed by MACROKIOSK may be transferred to Malaysia, where our primary processing facilities are located, and possibly to other countries where we or our service providers such as our mobile network operators, inter link providers operate. These transfers will often be made in connection with routing your communications in the most efficient way.
We employ appropriate safeguards for cross-border transfers of Personal Data, as required by Applicable Data Protection Laws.
PROTECTION OF PERSONAL DATA
We will take reasonable legal, organisation and technical measures to ensure that the Personal Data of you and your End Users processed by us is protected. This includes measures to prevent Personal Data from getting lost or used or accessed in an unauthorised way. We limit access to Personal Data to our employees on a need to know basis. Those processing Personal Data will only do so in an authorised manner and are required to treat your information with confidentiality.
You are responsible for making an independent determination as to whether our Services meet your requirements and legal obligations, including your obligations under Applicable Data Protection Law.
YOUR RIGHTS WITH RESPECT TO PERSONAL DATA>
In accordance with applicable laws and regulations, you may be entitled to:
- Ask us about the processing of Personal Data about you and your End Users;
- Request the correction and/or (in some case) deletion of your Customer Account Data;
- Request the restriction of the processing of Personal Data about you and your End Users, or object to that processing;
- Withdraw your consent to the processing of your Customer Data;
- Complain to the relevant data privacy authority if your data privacy rights are violated, of if you have suffered as a result of unlawful processing of your Customer Account Data; and
- Receive your Customer Account Data in a machine-readable format and to forward the data to another party (data portability), provided that certain conditions are met.
If you wish to make a request to exercise your rights, you can contact our business process team at email@example.com.
UPDATING YOUR CUSTOMER ACCOUNT DATA
It is important that the Customer Account Data you provide to us is accurate and complete for you to continue using the Services and for us to provide the Services. You are responsible for informing us of changes to your Customer Account Data, or in the event you believe that the Customer Account Data we have about you is inaccurate, incomplete, misleading or out of date. You can update your Customer Account Data anytime by notifying us.